Friday, July 20, 2018

Things I Hearted this Week, 20th July 2018

INFOSEC RECRUITING – IS THE INDUSTRY CREATING ITS OWN DROUGHT

We’ve all been blasted with many a report that infosec has a massive skills gap. But what if the problem doesn’t lie with the lack of skilled professionals, but the hiring process itself?

Thomas Fischer makes a compelling argument, using some of his personal recent experiences from both sides of the hiring process.

GDPR

Did you think that discussions around GDPR were over? You thought wrong.

SEXTORTION SCAMS

A clever new twist on an on extortion email scam includes a password the recipient previously used at a hacked website, to lend credence to claims that the sender has hacked the recipients computer / webcam and recorded embarrassing videos.

TESLA

Elon Musk continues to make the headlines, sometimes for the right, and other times for the wrong reasons. But it’s worth taking a look at the companies security. While there was the infamous emaila few weeks back where Musk pointed the finger of blame to a rogue employee, it’s not the first case of cybersecurity gone wrong in the company.

Tesla sued an oil-industry executive for impersonating Musk in an email. The tricksters goal was to undermine tesla’s energy-efficient transportation.

RELATED OLDER NEWS

So is Tesla more a car company or a software company that happens to make cars?

THOUSANDS OF MEGA LOGINS DUMPED ONLINE

Thousands of credentials for accounts associated with New Zealand-based file storage service Mega have been published online.

The text file contains over 15,500 usernames, passwords, and files names, indicating that each account had been improperly accessed and file names scraped.

Somewhat related, the NY Times has rolled out a new feature to secure subscriber accounts that locks accounts whose passwords have appeared in breaches.

WE’VE HAD A DATA BREACH… LET’S NOT TELL ANYONE

It’s a basic question in the face of a data breach: do we fix it and keep quiet? Or do we tell the world and risk the consequences. A major fuel company was recently confronted by this challenge, and their response and how they communicated it provides a worrying lesson for issue and crisis managers everywhere.

DEMYSTIFYING THE PUBLIC OR PRIVATE CLOUD CHOICE

Everyone wants to operate like a tech company today. Chances are, your business can’t thrive without improving how you do IT, and executives must decide where to house and process their data. Companies like Liberty Mutual are able to enter a new market in just six months and double the average sales rate, while government organizations are defying expectations with rapidly developed and deployed applications across the board from tax collection to war-fighting.

Your cloud strategy is going to be nuanced. A recent Forrester study found that just four percent of organizations run their applications exclusively in the public cloud; 77 percent of organizations are using multiple types of clouds, both on-premises and off-premises. So do you go the public or private cloud route? It can be a complicated question. Let’s look at some starting considerations.

RANDOMNESS

A few other stories I enjoyed reading recently.

      

The post Things I Hearted this Week, 20th July 2018 appeared first on Cybersecurity Insiders.


July 20, 2018 at 09:10PM

0 comments:

Post a Comment